On Thu, Dec 08, 2016 at 04:11:38PM -0500, Olga Kornievskaia wrote: > Why is "kinit" accessing ~/.krb5/config? Typically kinit will only > access /etc/krb5.conf. > > You are describing a catch-22 system. You want to create credentials > but to create credentials you need to access a file that is protected > by the credentials. This is a badly designed setup. > > kinit normally does not require access into something that is > protected by credentials gotten by kinit. > > Your solution is to provide your user with "kinit" that does not > access ~/.krb5/config. Please describe the need for that file and why > it can't be satisfied using machine global /etc/krb5.conf. debian heimdal 1.6~rc2+dfsg-9 opens ~/.krb5/config and ~/.rnd files. dunno why. MIT implementation does not seem to access $HOME. -- Lukáš Hejtmánek -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
